NAT on Nethserver

NethServer Version: 7
Module: Firewall

Can someone advise me how to enable a NAT exclusion on the Nethserver/Shorewall Firewall?

I have a private subnet on the LAN (Green) which seems to automatically get NATed to the RED interface. This is fine and allows the local LAN servers to get updates etc.

However, I have a need to not NAT when communicating with particular outside addresses. i.e.

LAN 192.168.1.0/24 PCs get NATed out to the Red interface, for example. But if the destination is other private ranges (these are reachable beyond my RED zone), I want the source address of 192.168.1.0 to stay in place.

I am familiar with doing this with NAT rules and policy on Cisco, Juniper etc., but not on Nethserver.

Any pointers would be very much appreciated.

Thanks

What is the route to the other private net?

  • If it passes through the internet (red) maybe an ipsec tunnel is required.
  • If it is routed through any other interface configure an additional static route.

How are you doing? Do you want two networks to see each other but not go on the internet?

Example: 192.168.1.0/24 communicate with 192.168.2.0/24

Can you help us to help you? :slight_smile:
Please answer @davidep and @jgjimenezs